Unvalidated Length Value Vulnerability in IBM Tivoli Storage Manager (TSM) FastBack Server

Unvalidated Length Value Vulnerability in IBM Tivoli Storage Manager (TSM) FastBack Server

CVE-2010-3756 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The _CalcHashValueWithLength function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 does not properly validate an unspecified length value, which allows remote attackers to cause a denial of service (daemon crash) by sending data over TCP. NOTE: this might overlap CVE-2010-3060.

Learn more about our Cis Benchmark Audit For Ibm I.